Authorization in enterprise-wide distributed system: a practical design and application

Author

Vavadharajan, V. ; Crall, Chris ; Pato, Joe

Author_Institution

Univ. of W. Sydney, NSW, Australia

fYear

1998

fDate

7-11 Dec 1998

Firstpage

178

Lastpage

189

Abstract

As companies migrate from a centralized to a distributed computing environment, the administration and management of security policies, in particular authorization policies, is becoming an increasingly difficult task. The paper considers the design of an authorization system that is suitable for distributed applications. It discusses the architectural design principles, describes the constructs of the authorization policy language and outlines the authorization service and components involved. The paper gives some example policy specifications and illustrates how privileges are specified and evaluated, as well as how privilege resolutions are achieved

Keywords

authorisation; business data processing; distributed processing; architectural design principles; authorization policies; authorization policy language; authorization service; authorization system; distributed applications; distributed computing environment; enterprise wide distributed system; example policy specifications; privilege resolutions; security policies; Access control; Australia; Authentication; Authorization; Companies; Environmental management; Logic; Read only memory; Relational databases; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1998. Proceedings. 14th Annual

Conference_Location

Phoenix, AZ

ISSN

1063-9527

Print_ISBN

0-8186-8789-4

Type

conf

DOI

10.1109/CSAC.1998.738614

Filename

738614